Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
346
Views
0
Helpful
0
Replies

pptp same subnet but can't ping

petemitchell
Level 1
Level 1

‎02-13-2016 05:06 AM

Hey guys

i have a very particular requirement that my colleagues can pptp into a 877 over the internet and then can communicate with each other.  There is no local resource attached to the Router which is needed to be accessed by pptp users. Only pptp users should talk to each other.

I have created the config and everyone can successfully dial pptp. But no one is able to access each other even though they all are in same subnet.

Can someone hint me what is wrong here?   877 is connected to internet via isp link and does NAT for local LAN traffic.

 


aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default local
aaa authorization network default local
!
!
ip cef

vpdn enable
!
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
l2tp tunnel receive-window 256
!
vpdn-group 2
request-dialin
protocol pppoe
l2tp tunnel receive-window 256
!
interface Loopback0
description *** Loopback ***
ip address 172.16.1.1 255.255.255.255
ip virtual-reassembly

interface Virtual-Template1
ip unnumbered Loopback0
ip virtual-reassembly
rate-limit input 6144000 768000 768000 conform-action transmit exceed-action drop
rate-limit output 6144000 768000 768000 conform-action transmit exceed-action drop
load-interval 30
peer default ip address pool PPTP-Pool
no keepalive
ppp encrypt mppe auto
ppp authentication pap chap ms-chap
!
interface Vlan1
ip address 10.0.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Vlan99
no ip address
ip virtual-reassembly
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Dialer1
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1420
load-interval 30
dialer pool 1
ppp chap hostname 024545454@myisp.com
ppp chap password 7 15081454fdd343
ppp pap sent-username 024545454@myisp.com password 7 1203131D4A04544fdfdfdfdC3A
!
ip local pool PPTP-Pool 192.168.0.20 192.168.0.125
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
no ip http server
no ip http secure-server
ip nat pool Lan-Pool 10.0.0.2 10.0.0.100 prefix-length 24
ip nat inside source list Lan-Pool interface Dialer1 overload
!
ip access-list standard Lan-Pool
permit any

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents